GMER 1.0.15.15640 - http://www.gmer.net Rootkit scan 2011-07-03 19:37:40 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-16 ST3250410AS rev.4.AAA Running: tlw8qlts.exe; Driver: C:\DOCUME~1\user\USTAWI~1\Temp\kwdyrpob.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB6603FBA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xB66048B4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xB661DAEE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xB6604E26] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xB6604D14] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xB661DE06] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateProcess [0xB6605056] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateProcessEx [0xB660521E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xB6603D76] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xB6604F3E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xB661F110] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xB66045E6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xB661DECE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xB660553C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xB6618084] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xB661988E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xB66048F6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xB660653C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB6619088] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB6619A38] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xB660562E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xB6618BC0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xB6618E1C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xB6605B9A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xB661C30A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xB6604EB8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xB6604DA0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xB66041F4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xB660597E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xB6604FD0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xB66040E8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwPlugPlayControl [0xB661F120] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xB6617EB8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xB6619698] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryObject [0xB661C500] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xB6605EC0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xB6619488] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xB66057CE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xB6618198] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xB661880C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xB661E048] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xB661DF96] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xB661E0B4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xB6618A14] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xB66063DE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xB661833E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKeyEx [0xB66184D4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveMergedKeys [0xB6618670] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xB661DC76] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xB6604756] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xB66053E8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xB6606010] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xB6619248] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xB6606104] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xB660623E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xB660545E] SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xB6416620] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xB66042EA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xB6605D78] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xB660447C] Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous ---- Kernel code sections - GMER 1.0.15 ---- .text ntoskrnl.exe!ZwYieldExecution + 12E 804E4988 12 Bytes [06, DE, 61, B6, 56, 50, 60, ...] .text ntoskrnl.exe!ZwYieldExecution + 13E 804E4998 16 Bytes [76, 3D, 60, B6, 3E, 4F, 60, ...] .text ntoskrnl.exe!ZwYieldExecution + 1FA 804E4A54 12 Bytes [2E, 56, 60, B6, C0, 8B, 61, ...] .text ntoskrnl.exe!ZwYieldExecution + 276 804E4AD0 4 Bytes [E8, 40, 60, B6] .text ntoskrnl.exe!ZwYieldExecution + 376 804E4BD0 16 Bytes [98, 81, 61, B6, 0C, 88, 61, ...] {CWDE ; AND DWORD [ECX-0x4a], 0xb661880c; DEC EAX; LOOPNZ 0x6c; MOV DH, 0x96; FBLD TBYTE [ECX-0x4a]} .text ... .text ntoskrnl.exe!IoIsOperationSynchronous 804EAFCE 5 Bytes JMP B65F6DCC \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) .text ntoskrnl.exe!FsRtlCheckLockForReadAccess 804F45B3 5 Bytes JMP B65F69F0 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8DD1360, 0x32D25D, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xB5BFB300, 0x3AE88, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xF77D7300, 0x1B7E, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 6AC91765 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll (Ushata module/Kaspersky Lab ZAO) ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] USER32.dll!AlignRects 7E362A78 4 Bytes [E0, 13, 54, 67] ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 6AC91765 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll (Ushata module/Kaspersky Lab ZAO) ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] USER32.dll!AlignRects 7E362A78 4 Bytes [E0, 13, 54, 67] ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [BA328DA0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\ipnat.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\netbios.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\rdbss.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\System32\Drivers\Fips.SYS[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\USBSTOR.SYS[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\System32\Drivers\Cdfs.SYS[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\irda.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\netbt.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [BA328DA0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\mrxdav.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\System32\Drivers\ParVdm.SYS[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\drivers\wdmaud.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\drivers\sysaudio.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) IAT \SystemRoot\System32\Drivers\HTTP.sys[ntoskrnl.exe!IoCreateDevice] [BA328C50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 7DFF058C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 7DFF05F8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 7DFF0664 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF06D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0370 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[380] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 7DFF058C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 7DFF05F8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 7DFF0664 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF06D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0370 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapCreate] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapDestroy] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!CreateThread] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[1560] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA7 0xDB 0x5A 0xD8 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x49 0x42 0xDA 0xA9 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x1B 0x63 0x84 0xA7 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA7 0xDB 0x5A 0xD8 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x49 0x42 0xDA 0xA9 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x1B 0x63 0x84 0xA7 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C@BaseClass Drive Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D@BaseClass Drive Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E@BaseClass Drive Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F@BaseClass Drive Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5}@BaseClass Drive Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5}@_AutorunStatus 0x01 0x00 0x01 0x00 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5}\shell Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5}\shell@ None Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5}\shell\Autoplay Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5}\shell\Autoplay@MUIVerb @shell32.dll,-8504 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5}\shell\Autoplay\DropTarget Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43cd3e88-ac0b-11dd-90a0-ca261ec56db5}\shell\Autoplay\DropTarget@CLSID {f26a669a-bcbb-4e37-abf9-7325da15f931} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69e49f72-ada6-11dd-90b4-4d6564696130} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69e49f72-ada6-11dd-90b4-4d6564696130}@BaseClass Drive Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69e49f72-ada6-11dd-90b4-4d6564696130}@_AutorunStatus 0x01 0x00 0x01 0x00 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e8ea1ba-aa06-11dd-96c9-806d6172696f} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e8ea1ba-aa06-11dd-96c9-806d6172696f}@BaseClass Drive Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e8ea1ba-aa06-11dd-96c9-806d6172696f}@_AutorunStatus 0x01 0x00 0x01 0x00 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e8ea1ba-aa06-11dd-96c9-806d6172696f}\_Autorun Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e8ea1ba-aa06-11dd-96c9-806d6172696f}\_Autorun\DefaultIcon Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e8ea1ba-aa06-11dd-96c9-806d6172696f}\_Autorun\DefaultIcon@ D:\start.exe Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e8ea1bc-aa06-11dd-96c9-806d6172696f} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e8ea1bc-aa06-11dd-96c9-806d6172696f}@BaseClass Drive ---- EOF - GMER 1.0.15 ----